CVE-2026-0772

Name of the Vulnerable Software and Affected Versions Langflow (affected versions not specified)

Description A flaw exists in the disk cache service of Langflow that allows remote attackers to execute arbitrary code on affected installations. Authentication is required for exploitation. The issue stems from insufficient validation of user-supplied data, leading to the deserialization of untrusted data. An attacker can exploit this to execute code within the service account's context.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.